qcacmn: Validate the buffer length in fips event handler

In the WMI_PDEV_FIPS_EVENTID event handling, add a length
check to validate if the buffer length sent by the firmware
in fixed params is less than or equal to the actual buffer
length before processing the data.

Change-Id: I7a952d3e3a2f66060451263b72118a52aa89dd06
CRs-Fixed: 3009887

wmi/src/wmi_unified_tlv.c

@@ -12138,6 +12138,9 @@ static QDF_STATUS extract_fips_event_data_tlv(wmi_unified_t wmi_handle,
 	param_buf = (WMI_PDEV_FIPS_EVENTID_param_tlvs *) evt_buf;
 	event = (wmi_pdev_fips_event_fixed_param *) param_buf->fixed_param;
 
+	if (event->data_len > param_buf->num_data)
+		return QDF_STATUS_E_FAILURE;
+
 	if (fips_conv_data_be(event->data_len, param_buf->data) !=
 							QDF_STATUS_SUCCESS)
 		return QDF_STATUS_E_FAILURE;